Analysis

  • max time kernel
    125s
  • max time network
    150s
  • platform
    android-9_x86
  • resource
    android-x86-arm-20240910-en
  • resource tags

    arch:arm, arch:x86, image:android-x86-arm-20240910-en, locale:en-us, os:android-9-x86, system
  • submitted
    08/09/2024, 09:10

General

  • Target

    d40258624b38628321793d9a36c022a6_JaffaCakes118.apk

  • Size

    20.6MB

  • MD5

    d40258624b38628321793d9a36c022a6

  • SHA1

    f1aca3230991d3ea2ef734ab3ca184073c61f7ac

  • SHA256

    39f2bcadbe3edcab19d33e03a83b4a9c039e2ccd38e5f5851d4be0033a809d48

  • SHA512

    f17fa1deefa582a3803ce2bcfd24f36cb5b7307e439dbba38cae702607ce8ff7c0a3eca626829407282c4a7242fa55abffd2c30becfde07f080cc8421e485e6d

  • SSDEEP

    393216:XbjdP8NjHXRmprd6uuQhvxS/qvVqG8WLBes/C9asNPLpilnNKx6e1:XbjdiHhmp8w3RSWLk3DNIxoxZ

Malware Config

Signatures

  • Queries a list of all the installed applications on the device (Might be used in an attempt to overlay legitimate apps) 1 TTPs
  • Queries account information for other applications stored on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect account information stored on the device.

  • Queries information about running processes on the device 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about running processes on the device.

  • Queries information about the current nearby Wi-Fi networks 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current nearby Wi-Fi networks.

  • Queries information about active data network 1 TTPs 1 IoCs
  • Queries information about the current Wi-Fi connection 1 TTPs 1 IoCs

    Application may abuse the framework's APIs to collect information about the current Wi-Fi connection.

  • Reads information about phone network operator. 1 TTPs
  • Listens for changes in the sensor environment (might be used to detect emulation) 1 TTPs 1 IoCs
  • Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

Processes

  • com.pinyou.wuxia (PID: 4268)
    • Queries account information for other applications stored on the device
    • Queries information about running processes on the device
    • Queries information about the current nearby Wi-Fi networks
    • Queries information about active data network
    • Queries information about the current Wi-Fi connection
    • Listens for changes in the sensor environment (might be used to detect emulation)
    • Registers a broadcast receiver at runtime (usually for listening for system events)

Network

MITRE ATT&CK Mobile v15

Downloads

  • /data/data/com.pinyou.wuxia/app_td-cache/tdandroidgame

    Filesize

    7KB

    MD5

    b080bc992be3313860690a3ca4d13b25

    SHA1

    982b7c9c0d226e73f0150a9c18d1fefd378b499f

    SHA256

    f6d149196b34d7432d881d205fed7f829637918baf74fb959b211650cb2fea8a

    SHA512

    bb4636476cc9660d009731f028d9f8e49dbf7358328f080804e14081a991585e52384915b1dc08d809ab191417a1e9137a723e101c097d70a87cc7fcabb6984a

  • /data/data/com.pinyou.wuxia/files/moveresource.sh

    Filesize

    75B

    MD5

    9e01cd49839807e801452166ec6406e6

    SHA1

    647c97c96267d378ee48f0adda0ae746dffed565

    SHA256

    0495013811f786968cab3c94ac41e8ad6641d5bc8c3e0e543844a5731762d41b

    SHA512

    7abf9328cf54a6f2880f068e7ed37e9320c9aba9d58694ee6d1185340ff06280e8fd10f05cff2f72492b90db04f71bd7457003ad037d7a762f064ee2986b5ad1

  • /data/data/com.pinyou.wuxia/files/moveresource.sh

    Filesize

    160B

    MD5

    824a708be5697f53ba0a3591eea99d84

    SHA1

    e880be81e7cb6f2b611ec69b8146cf52663f3c36

    SHA256

    0ad4c09d1c5693a8c3bd443783bd8938f3c9706ba51e2283c38b297d84a70337

    SHA512

    1672336d5709621b7316ff0613c52ecd378a44990df4e26ecef28a2df2d26f22ac191e79966a91818eda6f171b5119b72c419e39d9522fc378114cc029e57740

  • /data/data/com.pinyou.wuxia/files/moveresource.sh

    Filesize

    243B

    MD5

    7892bb4ba0010b325b9f4a7177c717b3

    SHA1

    978dfcadbaba3b98bdcf1bba21aed105a8fa65eb

    SHA256

    4993a89948ace64163261b91c10d274d134d760cd9fba6dc407cc5b46875b1b9

    SHA512

    2df8417c18068c389cc318c93b05adf620d5e44dfb797ee74d8e0b1ab4e274e61af17e39e10b6ef7d3fe0ffee51986f69e79a7718230bfffc8152ed5f0e6c75c

  • /data/data/com.pinyou.wuxia/files/moveresource.sh

    Filesize

    316B

    MD5

    7d42cc761e48e1022047b062b9063d02

    SHA1

    d6a326d73e1ca6667d65182855145a50c17e3196

    SHA256

    ea68da0dbd31d31cc8e1f203d675ad307cb9fd21763bc38135fd0c3d1029f0c3

    SHA512

    3237b2b54007896f18397503fa12418dae0bd0a08719f1d078f06cc5aec4b272c1dc1c8c1b29d9de3535bffb123bfbed4f60ba2360126eb6a1d935a7f089c0a0

  • /data/data/com.pinyou.wuxia/files/moveresource.sh

    Filesize

    1KB

    MD5

    a7f19abad9a5c8b00535ad67024b2099

    SHA1

    f63ebca9f97b64e3e7261c80a030d4c27c557c9a

    SHA256

    1b38a797fc59265bc0ca3a9543b151b247f4d41bdf99bb8f93cca71e8de057c3

    SHA512

    22b23c47907833a5309fdd4fc07a211b4672d17c1cf13bbee253c02a20737442394cdda21288e1326bb92fe0d1b13307cbe3dd15687223c4b9a865e6b6477e88